<?php 
  include_once('session.php');  
  include_once('db.php');
  
  if ( !IsSessionValid()){
    echo "-1";    
    exit;
  }
  
  if ( $sessionUserPrivileges < 1) {
    exit;
  } 
  
  //test query http://localhost/onmotion/delete.php?toDelete=1,2&userName=SergioEstevao&userTid=1235656         
    if ( $_SERVER['REQUEST_METHOD'] === 'POST' ){            
      $toDelete = $_POST['toDelete'];           
    } else {
      $toDelete = $_GET['toDelete'];
    }
    
    $points = explode(',',$toDelete);    
    $toDeleteTracks = "";        
    foreach ( $points as $p){
        $id = $p * -1;            
        if ($id > 0) {
            $toDeleteTracks .= $id.",";
        }
    }       
    $toDeleteTracks = substr($toDeleteTracks, 0, -1);
    
    $conn = &ADONewConnection($dbType);
    $conn->PConnect($dbServer, $dbUser, $dbPassword, $dbName);
    $conn->debug = true;
    
    // delete points
    $query = "delete from point where id_user=$sessionUserId AND id_point IN (".$toDelete.")";
    $rs = $conn->Execute($query);
    $query = "delete from image where id_user=$sessionUserId AND id_point IN (".$toDelete.")";
    $rs = $conn->Execute($query);
    // delete tracks
    if ( strlen($toDeleteTracks) > 0) {
        $query = "delete from point where id_user=$sessionUserId AND track IN (".$toDeleteTracks.")";
        $rs = $conn->Execute($query);       
    }   
?>
